Bug 2056388 (CVE-2021-45082)
Summary: | CVE-2021-45082 cobbler: incomplete template sanitization | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Avinash Hanwate <ahanwate> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | brejoc, jimi, kwizart, matrixfueller, ngompa13, orion, scott, tkasparek, tlestach, vanmeeuwen+fedora |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | cobbler 3.3.1 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in cobbler. The vulnerability occurs due to incomplete template sanitization and leads to code injection. This flaw allows an attacker to interact and inject malicious codes and gain access to the system.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2022-03-03 00:49:48 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2056391, 2056392 | ||
Bug Blocks: | 2056398 |
Description
Avinash Hanwate
2022-02-21 06:47:07 UTC
Created cobbler tracking bugs for this issue: Affects: epel-all [bug 2056392] Affects: fedora-all [bug 2056391] This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2021-45082 |